package com.boot.security.conf;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * @Classname WebSecurityConfig
 * @Description 安全配置
 * @Date 2020/4/20 0020 16:25
 * @Created by 埔枘
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * 加密
     */
    @Autowired
    private PasswordEncoder encoder;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()//审核请求
                .antMatchers("/", "/home").permitAll()//匹配的放行
                .anyRequest().authenticated()//任意请求 进行认证
                .and()
                .formLogin()//表单登录
                .loginPage("/login")//指定登录页面
                .permitAll()//放行
                .and()
                .logout()//注销
                .permitAll();//发行
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .inMemoryAuthentication()//用户信息 放在 内存中
                .withUser("user").password(encoder.encode("password")).roles("USER");
    }

    // 加密器
    @Bean
    public PasswordEncoder initPasswordEncoder(){
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

}
